Adding security tooling

[audunmo]

Caches are a bit of a mine field, security wise. I would gladly contribute.

I would think that adding gosec and govet probably makes sense. The codebase might also benefit from the larger golangci-lint package. Would you be open to a PR that introduces these?